04a4fc605489e892da1c504763c47fb0d2a0295908d24cef9e8a300566cb477c

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 01:08

Target

480a453e52af110c81dbd405c6dfda93.exe
Size

294KB
MD5

480a453e52af110c81dbd405c6dfda93
SHA1

0a2e0527b21c592301b52950787ece7b3f8231a2
SHA256

04a4fc605489e892da1c504763c47fb0d2a0295908d24cef9e8a300566cb477c
SHA512

bddc5ee25df29c3a932134a7fc03509e00d6ee5ed5071b769bd941e9ca4d014db8c2a0e38fe30ffcd297e7f5aba8e6ff18d879aa9c5e89db184b7e73f6598ce1
SSDEEP

6144:JRs++PjbdqaEGqWn9K6pLP++eIBLX+FbuNZD/s+9tGTQ2jjcyN/4py4vwc:J8PjmC9bZ+/Ilbp/ztGTQ4j16vB

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2088 set thread context of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28
PID 2088 wrote to memory of 2312	2088	480a453e52af110c81dbd405c6dfda93.exe	28

C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe
"C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2088
- C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe
  "C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe"
  2⤵
  PID:2312

memory/2088-0-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/2088-1-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/2088-13-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/2312-10-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2312-6-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-8-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-4-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-12-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-2-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-15-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-16-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-17-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2312-18-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download